On 06/23/15 04:25, Gary Ching-Pang Lin wrote: > On Mon, Jun 22, 2015 at 02:24:55PM -0400, Peter Jones wrote: >> On Sat, Jun 20, 2015 at 03:01:17PM +0200, Ard Biesheuvel wrote: >> >>> I wonder what is going on here. My AArch64 boot tests work fine with >>> these patches applied, but they don't use shim. (They do use GRUB as >>> an intermediate loader calling LoadImage() to boot a signed kernel). >>> >>> Are there any plans or patches yet to move shim to a more recent >>> OpenSSL version? It shouldn't be affecting things like this, but it >>> would allow a quick check if someone has patches already. >> >> Yes, there's a plan to do so - Gary Lin has had a patch in progress and >> was waiting for this patch to hit before sending it to me. I expect to >> see it any time. (I would not be surprised if he's trying to debug an >> analog to this exact same issue...) >> > I'm currently busy with other things so the update in shim may be delayed > for a while. > >> That said, it's unclear to me how shim being on a prior openssl version >> would cause the problem Laszlo is seeing - there's no cross-linkage of >> any kind between the two openssl builds in memory. >> > shim and grub2 are using the openssl lib independent from the one in firmware, > so it surprised me the openssl update patches broke the bootloaders. I just > tested OVMF R17650 with openSUSE 13.2 and everything went well. The shim we > use in openSUSE 13.2 is 0.7 + a series of patches (most of them are upstream > patches). Hope this could narrow down the issue.
Huh. R17650 is past the openssl-1.0.2c update. Can you please give me (or link for me) the install media for openSUSE 13.2? I'd like to try it. Thanks Laszlo > Cheers, > > Gary Lin > > ------------------------------------------------------------------------------ > Monitor 25 network devices or servers for free with OpManager! > OpManager is web-based network management software that monitors > network devices and physical & virtual servers, alerts via email & sms > for fault. Monitor 25 devices for free with no restriction. Download now > http://ad.doubleclick.net/ddm/clk/292181274;119417398;o > _______________________________________________ > edk2-devel mailing list > edk2-devel@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/edk2-devel > ------------------------------------------------------------------------------ Monitor 25 network devices or servers for free with OpManager! OpManager is web-based network management software that monitors network devices and physical & virtual servers, alerts via email & sms for fault. Monitor 25 devices for free with no restriction. Download now http://ad.doubleclick.net/ddm/clk/292181274;119417398;o _______________________________________________ edk2-devel mailing list edk2-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/edk2-devel
